>I thought they all did. On a couple of machines to hand. Fair enough! I mised those! Although .... it's not clear to me at first glance those work exactly with the OpenSSL library out of the box. I mean, there's a reason web browsers ship their own CA infrastructure; operating systems don't traditionally do a good job. And I just shudder when I think about trying to tell people how to download a CA trust chain. Sigh.
>I've lots under /etc/ssl/certs. Something under >/usr/share/ca-certificates. And things like wget(1) have a bunch of >--certificate-* options and talk of "the file name is based on a hash >value derived from the certificate" and "system-specified locations, >chosen at OpenSSL installation time". Right, it's talking about directories created with c_rehash. I almost think we'd need to configure that stuff somehow. --Ken _______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
